Concept Guide
interface Interface configuration mode
line Line Configuration mode
route-map Route map configuration mode
router Router configuration mode
DellEMC(conf)#do show role mode configure line
Role access:sysadmin
Example: Grant and Remove Security Administrator Access to Congure Protocols
By default, the system dened role, secadmin, is not allowed to congure protocols. The following example rst grants the secadmin
role to congure protocols and then removes access to congure protocols.
DellEMC(conf)#role configure addrole secadmin protocol
DellEMC(conf)#role configure deleterole secadmin protocol
Example: Resets Only the Security Administrator role to its original setting.
The following example resets only the secadmin role to its original setting.
DellEMC(conf)#no role configure addrole secadmin protocol
Example: Reset System-Dened Roles and Roles that Inherit Permissions
In the following example the command protocol permissions are reset to their original setting or one or more of the system-dened roles
and any roles that inherited permissions from them.
DellEMC(conf)#role configure reset protocol
Adding and Deleting Users from a Role
To create a user name that is authenticated based on a user role, use the username name password encryption-type password role
role-name command in CONFIGURATION mode.
Example
The following example creates a user name that is authenticated based on a user role.
DellEMC(conf)# username john password 0 password role secadmin
The following example deletes a user role.
NOTE
: If you already have a user ID that exists with a privilege level, you can add the user role to username that has a privilege
DellEMC(conf)# no username john
The following example adds a user, to the secadmin user role.
DellEMC(conf)# username john role secadmin password 0 password
AAA Authentication and Authorization for Roles
This section describes how to congure AAA Authentication and Authorization for Roles.
Conguration Task List for AAA Authentication and Authorization for Roles
This section contains the following AAA Authentication and Authorization for Roles conguration tasks:
• Conguring AAA Authentication for Roles
• Conguring AAA Authorization for Roles
• Conguring TACACS+ and RADIUS VSA Attributes for RBAC
798
Security